Re: Proposal: restrict link(2)

Steve VanDevender (
Fri, 13 Dec 1996 00:13:41 -0800

Dan Merillat writes:
> Now, like I said, do we _REALLY_ like the connotations of being able to link
> (and therefore modify) files that we don't have write permissions to?

"And therefore modify?" I get the impression that some of the people
who are arguing about this don't at all understand the semantics of

If you link /etc/shadow to /tmp/shadow, you have done none of the

* changed the permissions of /tmp/shadow
* changed the owner or group owner of /tmp/shadow

Not only have you not changed those, you cannot change those. You have
created another reference to the inode, and that's all.

You cannot use hard links to defeat the permissions for a file. Even if
you manage to make a link to a temporary file, once the original user of
the temporary file is done with it the link you created remains with
_exactly the same permissions and ownerships_ that the original user
created it with. If that person did his job right, then the most you
can manage with a hard link is to possibly fill up the filesystem by
nabbing links to a lot of temporary files so that when the creator
unlink()s their temp files it doesn't free up the file space.